/****************************************
 * 2018 - 2021 版权所有 CopyRight(c) 快程乐码信息科技有限公司所有, 未经授权，不得复制、转发
 */

package com.kclm.security03.config.security.login;

import com.kclm.security03.config.security.dto.SecurityUser;
import com.kclm.security03.config.security.service.impl.UserDetailsServiceImpl;
import com.kclm.security03.modules.common.util.PasswordUtil;
import com.kclm.security03.modules.system.entity.User;
import com.kclm.security03.modules.system.mapper.UserMapper;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.stereotype.Component;

/******************
 * @Author yejf
 * @Version v1.0
 * @Create 2020-08-05 22:10
 * @Description 自定义 管理员认证提供者
 */
@Slf4j
@Component
public class AdminAuthenticationProvider implements AuthenticationProvider {

    public AdminAuthenticationProvider() {
        log.debug("创建AdminAuthenticationProvider实例...");
    }

    @Autowired
    private UserDetailsServiceImpl userDetailsService;

    @Autowired
    private UserMapper userMapper;

    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        log.debug("调用 AdminAuthenticationProvider 的 authenticate方法");
        // 获取前端表单中输入后返回的用户名、密码
        final String userName = (String) authentication.getPrincipal();
        final String password = (String) authentication.getCredentials();
        log.debug("用户输入的用户名和密码分别是："+userName+" => "+password);
        //调用 userDetailsService的 loadUserByUsername 方法来获取用户
        SecurityUser userInfo = (SecurityUser) userDetailsService.loadUserByUsername(userName);
        //判断密码是否正确
        boolean isValid = PasswordUtil.isValidPassword(password, userInfo.getPassword(), userInfo.getCurrentUserInfo().getSalt());
        // 验证密码
        if (!isValid) {
            throw new BadCredentialsException("密码错误！");
        }

        // 前后端分离情况下 处理逻辑...
        // 更新登录令牌
        String token = PasswordUtil.encodePassword(System.currentTimeMillis() + userInfo.getCurrentUserInfo().getSalt(), userInfo.getCurrentUserInfo().getSalt());
        User user = userMapper.selectById(userInfo.getCurrentUserInfo().getId());
        //
        log.debug("由userMapper拿到的user:"+user);
        user.setToken(token);
        userMapper.updateById(user);
        userInfo.getCurrentUserInfo().setToken(token);
        //返回
        return new UsernamePasswordAuthenticationToken(userInfo, password, userInfo.getAuthorities());
    }

    @Override
    public boolean supports(Class<?> authentication) {
        log.debug("invoke method: supports ");
        return true;
    }
}
